Web Server

There is nothing interesting here; it appears to be a static website.

Subdomains

To enumerate potential subdomains use gobuster.

gobuster vhost -u http://k2.thm -w /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-110000.txt --append-domain

  • Add both domains to /etc/hosts.
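From the defensive side, the vhost enumeration above is easy to spot in server logs: every gobuster vhost request carries a different Host header, so one client presenting dozens of distinct names within seconds stands out. The following detection script is an added example, not part of the original writeup; it assumes an access log format that records the Host header as the last quoted field, and the sample log lines, IPs and thresholds are constructed.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
# Combined-style line whose last quoted field is the Host header (assumed log_format).
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" '
                    r'(?P<status>\d{3}) \S+ "(?P<host>[^"]*)"$')

def parse_line(line):
    """Return (ip, timestamp, host) or None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return m["ip"], datetime.strptime(m["ts"], TS_FMT), m["host"].lower()

def detect_vhost_bruteforce(lines, window=timedelta(seconds=60), threshold=20):
    """Return {ip: peak_distinct_hosts} for IPs exceeding `threshold` distinct Host values in any `window`."""
    per_ip = defaultdict(list)
    for line in lines:
        if parsed := parse_line(line):
            per_ip[parsed[0]].append(parsed[1:])   # (timestamp, host)
    flagged = {}
    for ip, events in per_ip.items():
        events.sort()
        in_window, left, peak = Counter(), 0, 0
        for ts, host in events:
            in_window[host] += 1
            while events[left][0] < ts - window:   # drop events older than the window
                old = events[left][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                left += 1
            peak = max(peak, len(in_window))
        if peak > threshold:
            flagged[ip] = peak
    return flagged

def constructed_log():
    """Constructed sample: a normal client on the two real vhosts, and a scanner cycling 30 names in 15 s."""
    base = datetime(2024, 1, 1, 10, 0, tzinfo=timezone.utc)
    fmt = '{ip} - - [{ts}] "GET / HTTP/1.1" {st} 153 "{host}"'
    lines = [fmt.format(ip="10.0.0.5", ts=(base + timedelta(seconds=30 * i)).strftime(TS_FMT),
                        st=200, host=("k2.thm", "it.k2.thm")[i % 2]) for i in range(10)]
    lines += [fmt.format(ip="10.0.0.99", ts=(base + timedelta(milliseconds=500 * i)).strftime(TS_FMT),
                         st=404, host=f"sub{i}.k2.thm") for i in range(30)]
    return lines
```

Running detect_vhost_bruteforce(constructed_log()) flags only the scanner address; the normal client stays well under the threshold because it only ever uses the two real names.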

Visit the subdomains

Sign up on http://it.k2.thm/

  • Create an account on this server.
    • Username: Hack
    • Password: 123456

Next step: XSS